exploitDog

GHSA-vm8x-q73p-rmc7

Опубликовано: 14 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.7

Описание

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),

Ссылки

EPSS

Процентиль: 17%

0.00056

Низкий

7.7 High

CVSS3

CVE ID

Дефекты

CWE-669

Связанные уязвимости

CVE-2025-59363

CVSS3: 7.7

nvd

5 месяцев назад

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),

EPSS

Процентиль: 17%

0.00056

Низкий

7.7 High

CVSS3

CVE ID

Дефекты

CWE-669